In the Claims:

1. (CURRENTLY AMENDED) A method for assessing the 
security posture of a network comprising the steps of: 

creating a system object model database representing a 
network, wherein the system object model database supports the 
information data requirements of separate, non-integrated 
network vulnerability analysis programs; 

exporting the system object model database of the network 
to the separate, non-integrated network vulnerability/risk 
analysis programs, wherein each analysis program is operative 
to run as a separate program and produce an initial data 
source separate from any data sources produced by respective 
other programs also running to produce a plurality of initial 
data sources for creating the system object model database; 

exporting the system object model database of the network
to the separate, non-integrated network vulnerability/risk
analysis programs;

analyzing the network with each network vulnerability 
analysis program to produce data results from each program; 
and 

correlating the data results of the network vulnerability 
analysis programs to determine the security posture of the 
network. 

2. (ORIGINAL) A method according to Claim 1, and 
further comprising the step of importing the system object 
model database to the network vulnerability analysis programs 
via an integrated application programming interface.

3. (ORIGINAL) A method according to Claim 1, and
further comprising the step of modeling the network as a map
on a graphical user interface.

4. (ORIGINAL) A method according to Claim 1, and
further comprising the step of establishing a class hierarchy
to define components of the network vulnerability analysis
programs that share common data and programming traits.

5. (ORIGINAL) A method according to Claim 1, and 
further comprising the step of correlating the data results of 
the network vulnerability analysis programs using fuzzy logic 
processing.



6. (ORIGINAL) A method according to Claim 1, and 
further comprising the step of running the network 
vulnerability assessment/risk analysis programs to obtain data
results pertaining to network system details, network
topologies, node level vulnerabilities and network level
vulnerabilities.

7. (PREVIOUSLY PRESENTED) A method for assessing the 
security posture of a network comprising the steps of: 

creating a system object model database representing a 
network, wherein the system object model database supports the 
information data requirements of separate, non-integrated 
network vulnerability/risk analysis programs, wherein each 
analysis program is operative to run as a separate program and 
produce an initial data source separate from any data sources 
produced by respective other programs also running to produce 
a plurality of initial data sources for creating the system
object model database;

importing the system object model database of the network 
to the network vulnerability analysis programs through filters 
associated with each respective network vulnerability analysis 
program to export only the data required by a respective 
network vulnerability analysis program; 

analyzing the network with each network vulnerability 
analysis program to produce data results from each program; 
and 

correlating the data results of the network vulnerability 
analysis programs to determine the security posture of the 
network.

8. (ORIGINAL) A method according to Claim 7, and 
further comprising the step of exporting the system object 
model database to the network vulnerability assessment/risk
analysis programs via an integrated application programming
interface.

9. (ORIGINAL) A method according to Claim 7, and 
further comprising the step of modeling the network as a map 
on a graphical user interface. 

10. (ORIGINAL) A method according to Claim 7, and
further comprising the step of establishing a class hierarchy 
to define components of the network vulnerability analysis 
programs that share common data and programming traits.

11. (ORIGINAL) A method according to Claim 7, and
further comprising the step of correlating the data results of
the network vulnerability analysis programs using fuzzy logic
processing.

12. (ORIGINAL) A method according to Claim 7, and 
further comprising the step of running the network 
vulnerability analysis programs to obtain data results 
pertaining to network system details, network topologies, node 
level vulnerabilities and network level vulnerabilities. 

13. (PREVIOUSLY PRESENTED) A computer program that 
resides on a medium that can be read by a program, wherein the 
computer program comprises instructions to cause a computer to 
create a system object model database representing a network, 
wherein the system object model database supports the 
information data requirements of separate, non-integrated 
disparate network vulnerability analysis programs that analyze 
discrete network portions, wherein each analysis program is 
operative to run as a separate program and produce an initial 
data source separate from any data sources produced by 
respective other programs also running to produce a plurality 
of initial data sources for creating the system object model 
database; 

export the system object model database of the network to 
the network vulnerability analysis programs; 

analyze the network with each network vulnerability/risk 
analysis program to produce data results from each program; 
and 

correlate the data results of the network vulnerability 
analysis programs to determine the security posture of the
network. 

14. (ORIGINAL) A computer program according to Claim 
13, and further comprising instructions for displaying an 
integrated application programming interface, and exporting 
the system object model database to the network vulnerability 
analysis programs via the integrated application programming 
interface.

15. (ORIGINAL) A computer program according to Claim 
13, and further comprising instructions for modeling the 
network as a map on a graphical user interface. 

16. (ORIGINAL) A computer program according to Claim 
13, and further comprising instructions for establishing a 
class hierarchy to define components of the network 
vulnerability analysis programs that share common data and 
programming traits.

17. (ORIGINAL) A computer program according to Claim 
13, and further comprising instructions for correlating the 
data results of the network vulnerability analysis programs 
using fuzzy logic processing. 

18. (ORIGINAL) A computer program according to Claim 
13, and further comprising instructions for running the 
network vulnerability analysis programs to obtain data results 
that pertain to network system details, network topologies, 
node level vulnerabilities and network level vulnerabilities.

19. (PREVIOUSLY PRESENTED) A computer program that
resides on a medium that can be read by a program, wherein the 
computer program comprises instructions to cause a computer to 
create a system object model database representing a network, 
wherein the system object model database supports the 
information data requirements of separate, non-integrated 
network vulnerability analysis programs that analyze discrete 
network portions, wherein each analysis program is operative 
to run as a separate program and produce an initial data 
source separate from any data sources produced by respective 
other programs also running to produce a plurality of initial 
data sources for creating the system object model database; 

import the system object model database of the network to 
the network vulnerability analysis programs through filters 
associated with each respective network vulnerability analysis 
program so as to export only the data required by the 
respective network vulnerability analysis program; 

analyze the network with each network vulnerability 
analysis program to produce data results from each program; 
and 

correlate the data results of the network vulnerability 
analysis programs to determine the security posture of the 
network. 

20. (ORIGINAL) A computer program according to Claim
19, and further comprising instructions for displaying an
integrated application programming interface, and exporting
the system object model database to the network vulnerability
analysis programs via the integrated application programming
interface.

In re Patent Application of:
FOX ET AL.

Serial No. 09/500,108
Filing Date: 2/8/00

21. (ORIGINAL) A computer program according to Claim 
19, and further comprising instructions for modeling the 
network as a map on a graphical user interface. 

22. (ORIGINAL) A computer program according to Claim 
19, and further comprising instructions for establishing a 
class hierarchy to define components of the network 
vulnerability analysis programs that share common data and 
programming traits. 

23. (ORIGINAL) A computer program according to Claim 
19, and further comprising instructions for correlating the 
data results of the disparate network vulnerability analysis 
programs using fuzzy logic processing. 

24. (ORIGINAL) A computer program according to Claim 
19, and further comprising instructions for running the 
network vulnerability analysis programs to obtain data results 
that pertain to network system details, network topologies, 
node level vulnerabilities and network level vulnerabilities. 

25. (PREVIOUSLY PRESENTED) A data processing system for 
assessing the security vulnerability of a network comprising: 

a plurality of separate, non-integrated network 
vulnerability/risk analysis programs used for analyzing a 
network; 

a system object model database that represents the 
network to be analyzed, wherein the system object model
database supports the information data requirements of the 
network vulnerability/risk analysis programs, wherein each 
analysis program is operative to run as a separate program and 
produce an initial data source separate from any data sources 
produced by respective other programs also running to produce 
a plurality of initial data sources for creating the system 
object model database;

an applications programming interface for exporting the 
system object model database of the network to the network 
vulnerability/risk analysis programs; and 

a processor for correlating the data results obtained 
from each network vulnerability analysis program after 
analyzing the network to determine the security posture of the 
network. 

26. (ORIGINAL) A data processing system according to 
Claim 25, wherein the applications programming interface for 
importing the system object model database comprises a 
graphical user interface.

27. (ORIGINAL) A data processing system according to 
Claim 25, and further comprising a graphical user interface 
that models the network as a map. 

28. (ORIGINAL) A data processing system according to 
Claim 25, and further comprising a graphical user interface 
for displaying the security posture of the network.

29. (ORIGINAL) A data processing system according to
Claim 25, wherein said database further comprises an object
oriented class hierarchy to define components of the network
vulnerability analysis programs that share common data and
programming traits.



30. (ORIGINAL) A data processing system according to 
Claim 25, wherein said processor comprises a fuzzy logic 
processor.



31. (PREVIOUSLY PRESENTED) A data processing system for 
assessing the security vulnerability of a network comprising: 

a plurality of separate, non-integrated network 
vulnerability/risk analysis programs used for analyzing a 
network; 

a system object model database that represents the 
network to be analyzed, wherein the system object model 
database supports the information data requirements of each 
network vulnerability analysis program, wherein each analysis 
program is operative to run as a separate program and produce 
an initial data source separate from any data sources produced 
by respective other programs also running to produce a 
plurality of initial data sources for creating the system 
object model database; 

an applications programming interface for exporting the 
system object model database of the network to the separate, 
non-integrated network vulnerability analysis programs; 

a filter associated with the applications programming 
interface and each respective network vulnerability analysis 
program for filtering the system object model database and 
exporting only the required data requirements to each network
vulnerability analysis program; and 

a processor for correlating the data results obtained 
from each network vulnerability analysis program after 
analyzing the network to determine the security posture of the 
network. 

32. (ORIGINAL) A data processing system according to 
Claim 31, wherein the applications programming interface for
importing the system object model database comprises a
graphical user interface. 

33. (ORIGINAL) A data processing system according to 
Claim 31, and further comprising a graphical user interface 
that models the network as a map. 

34. (ORIGINAL) A data processing system according to 
Claim 31, and further comprising a graphical user interface 
for displaying the vulnerability posture of the network. 

35. (ORIGINAL) A data processing system according to 
Claim 31, wherein said database further comprises an object 
oriented class hierarchy to define components of the network 
vulnerability analysis programs that share common data and 
programming traits. 

36. (ORIGINAL) A data processing system according to 
Claim 31, wherein said processor comprises a fuzzy logic 
processor. 